30 Need to Know Facts About Cybercrime Statistics in 2024

Data phishing, malware, and ransomware are common cyberattacks, with detected attacks reaching 493.33 million worldwide. Global weekly attacks increased by 7% in the first quarter of 2023 compared to last year's quarter.

Over 560,000 new malware are created daily, and 92% of these are distributed by email most of the time. It also takes over 42 days to detect if these emails have malware.

To understand this topic more, here is some noteworthy data gathered about cybercrime statistics for 2023.

How Many Cybercrimes Happen Worldwide?

An estimated 1.7 million ransomware attacks take place daily. Current statistics suggest that 1.2% of sent emails are malicious, and roughly 3.4 billion daily emails are phishing emails. Other types of cybercrime are also on the rise.

A study conducted by IT Governance shows 87 security incidents disclosed publicly, accounting for 146,290,598 data breaches. The increasing global threat of cybercrime prompted a global response to increase cyber security measures.

Listed here are facts regarding the status of cybercrimes in 2023.

Cybercrime Statistics by Country

Automated government services and other official systems are susceptible to cyberattacks, making the threat of cybercrime a severe national security risk. Attacks on these offices can hinder major infrastructure and render its services useless. 

In 2022, 104.8 million data breaches originated in Russia, making it the country with the most significant exposure that year. China follows with 34 million accounts breached, and then the US with 23.5 million breached accounts.

Here are some statistics on threats countries face during a cyberattack:

1. There were 951 publicly reported ID incidents in the second quarter of 2023.

(ITRC)

The Identity Theft Resource Center reported 951 publicly recorded incidents in Q2 2023, with the highest number of breaches recorded. This number is a 114% increase from the previous 445 incidents. 

Most data breaches that involve ID aim to steal personal information to sell on the dark web.

2. In 2023, ransomware attacks increased by 37%.

(Statista)

The average ransomware demand in 2023 costs $5.3 million, and enterprises pay an average of $100,000 for each attack. The digitalization of workloads and cloud technology drives the 37% increase in ransomware.

As of 2023, 98% of companies and enterprises also use cloud technology, and 67% are on the cloud. This percentage led to companies losing significant security compared to non-cloud platforms.

3. Finland has the lowest malware attack rate, with an infection rate of 1.06%.

(Passwork)

The low infection rate is due to the country's legislative reforms when responding to cybercrime. Finland's government allocated funds to help businesses develop appropriate cybersecurity measures. The country aims to combat the increasing threat of cyberattacks within the country.

4. 34 million passport details were leaked in Indonesia.

(IT governance)

Bjorka, a known hacktivist and critic of the Indonesian government, leaked over 34 million passport information from the Indonesian immigration directorate. 

Their goal was to show the government's lack of political will and interest in protecting the personal data of ordinary Indonesians. Bjorka hackers later posted the stolen data on the dark web and sold it for $10,000.

5. Hackers stole 80GB of data from Reddit in February 2023.

(Cybersecurityhub)

Blackcat, a ransomware gang, claimed responsibility for the data breach on Reddit. They posted on their data leak site that they stole 80GB of data in February 2023. 

The cause for the ransomware attacks was for Reddit to recall the new API policy. This attack led Reddit to impose new pricing for third-party app developers seeking to access their APIs.

6. Cyberattacks in Saudi Arabia and the UAE cost $6.93 million per incident.

(IBM)

As the region experiences rapid economic growth and digitalization, the rate of cybercrime in the Middle East is also increasing. Studies show that an average cyberattack in Saudi Arabia and the UAE would cost $6.93 million. This cost is 63.44% higher than the $4.24 million global average.

7. China ranks first in the top 3 countries of origin for cyberattacks.

(Cyberproof)

Cyberproof's Cyber Threat Intelligence Team has shown the top countries of origin for cyberattacks. The team used IP addresses from open-source and monitored private sources to help identify geolocation by the government. 

They developed these ways to rate each country. The top 3 countries are:

• China at 18.83% 
• US at 17.05 % 
• Brazil at 5.63% 

8. The number of IT crimes in Russia has grown 50 times since 2014. 

(Tadviser)

Russia recorded 510,000 IT-related crimes in 2022. Russian cybercriminals used AI for phishing and generating messages to appear as legitimate businesses. The country’s Ministry of Internal Affairs also published that 25% of crimes in Russia happen online.

Cybercrime Statistics by Industry

The interconnectivity of information today has opened a new landscape for discoveries to thrive. These include more accessible access to medical records, online banking, and having your food delivered to your doorstep. 

Accessibility through internet use can lead to cybercriminals bypassing heavy internet security. This access leads them to target less-protected third-party networks, becoming primary targets of hackers.

In 2021, a third-party company leaked 214 million personal accounts from Facebook, LinkedIn, and Instagram. Hackers gained access by breaching a contractor called Socialarks, which the three companies employ.

Suffering from a data breach is more than a monetary loss; companies also lose clients and damage their reputations. Below is a list of the top industries most targeted by cyberattacks. 

9. There are 145 data breaches in the Healthcare Industry in 2023.

(Persona)

Healthcare is one of the most targeted industries due to the sensitive data it stores. The US Government Office of Civil Rights reported 145 data breaches in Q1 of 2023. It follows the 707 data breaches in 2022, resulting in 51.9 million records stolen.

10. The global financial services sector suffered 560 data breach attacks in 2022.

(Senetas)

Financial institutions disclosed in 2022 that over 560 data breaches account for over 250 million pieces of compromised data. 

Hackers hit many regions, but the US suffered the hardest, with several incidents impacting over a million customers. The main driver for the data breaches is significant financial gain from financial institutions.

11. The US spends $861.12 billion on online retail transactions.

(Threat Intelligence)

The retail industry holds vast customer data, like Personally Identifiable Information (PII) and credit card numbers. This data is a gold mine for hackers who sell it on the dark web. 

In 2021, this industry was the second-most targeted sector for ransomware attacks. In the same year, 77% of retail organizations experienced the same.

12. In 2022, the education sector experienced a 44% increase in cyberattacks.

(Checkpoint Security)

The field of education not only holds sensitive data on students and faculty, but also conducts sensitive research and data gathering. 

This industry has experienced increased cyberattacks due to the data it holds and weak security systems. On average, 2,297 attacks happen on various organizations weekly, costing as much as $3.56 million.

13. 22% of cyberattacks in oil and gas were related to espionage.

(Parachute)

Energy is a crucial part of the operation of businesses and other industries. Hackers target this sector 4% of the time, which would cost 4.72 million for every incident.

Cybercriminals attack these industries because of their outdated systems, making them easy targets for cyberattacks.

14. In the US, 23.9 million users in the manufacturing industry were affected by data violations.

(Statista)

Automation and digitalization provide higher productivity and performance, but they also become targets for cybercriminals. Targeting these businesses causes physical damage to products and machines, leading to disrupted operations and stolen intellectual property.

In 2022, around 250 data violation incidents happened in the US alone, impacting approximately 23.9 million users.

Cybercrime damage or loss statistics

According to Cybersecurity Ventures, cybercrimes are estimated to cost $8 trillion in 2023 and will grow to $10.5 trillion by 2025 globally. Comparing it to a country's economic power, it would be the third largest economy next to China and America. 

Here are some data about the damages caused by cybercrime globally.

15. Hackers leaked 800 customer records from T-Mobile in May 2023.

(Electric)

T-Mobile's breach revealed the full names, numbers, and PINs of over 800 customers. The incident is the company's second data breach this year. Hackers used a single API to obtain information on customer accounts to breach the company. 

The company announced that the incident would incur a significant expense in addition to the $350 million settlement for customers in August 2021. T-Mobile lost financial and customer trust due to successive data breaches.

16. Hackers target small to medium businesses in 43% of cyberattacks.

(Embroker)

Of the 43% of businesses, only 14% have the means to defend themselves. Hackers prefer to attack SMEs for their limited security and cybermeasures. Still, such attacks would disrupt operations, damaging important IT assets that are expensive to fix without a budget.

17. Ransomware is estimated to cost $30 billion in 2023.

(Tech.co)

73% of businesses suffered from ransomware in 2022. Globally, the cost of ransomware is expected to reach over $30 billion. 80% of those who pay the ransom are attacked again by the same hackers. The repeated attacks lead to more ransom paid and companies losing data and finances.

18. Medical records are 10 to 40 times more valuable on the dark web than a credit card.

(Imperva)

Anthem Blue Cross suffered The most significant data breach in a healthcare company, with 78.8 million patient records stolen. Medical records fetch 10–40 times the price of credit card information on the dark web. This price of medical records is one reason hackers target the healthcare industry.

Although cybercriminals profit more, cyberattacks hinder healthcare records' availability, reliability, trust, and access to medical networks.

19. Ransomware targets critical infrastructure 28% of the time.

(Getastra)

Data suggests that ransomware targets critical infrastructure 28% of the time. These sectors include healthcare, financial services, government organizations, and more. 

From 2019 to 2021, 55% of 1,500 insurance claims by industries were due to ransomware.

20. The global IoT population increased by 16% in 2023.

(IoT business)

The Internet of Things (IoT) comprises connected devices and is a growing trend among internet users. In 2022, the number of devices grew by 18% or 14.3 billion active devices. The global number of IoT-connected devices will grow another 16%, or over 16 billion active devices by 2023.

Cybersecurity Attack Statistics 2023 by Type

Cybercriminals have developed methods to gather data and exploit a system's weaknesses efficiently. Knowing their methods would help you avoid becoming a victim of such a crime.

Due to the increase in methods and attacks, the cybersecurity industry is estimated to reach a revenue of $162 billion in 2023. It will have a projected annual growth rate of 9.63% from 2023 to 2028, estimated at $256.5 billion in 2028.

Here are stats on the types of attacks cybercriminals use to cause a data breach.

21. Phishing causes 90% of corporate security breaches.

(ITgovernance)

Cybercriminals use phishing to access a system and extract credentials and other important information. Phishing is often successful because of human error; the unintentional opening of a phishing email results in a breach. 

This malware can access systems by:

• Infected software
• Weak passwords
• Fake websites
• Installing compromised software
• Fake applications

22. In 2022, there were 493.33 million ransomware attacks detected globally.

(Statista)

Ransomware targets organizations that store sensitive and critical information. In the event of an attack, these organizations would rather pay the ransom than report the data breach. 

Reporting a successful cyberattack harms an organization. Still, most of the time, it damages their reputation, and they lose the confidence of their clients. Hence, most incidents are usually not reported. 

23. Denial of Service (DoS) attacks grew by 150% globally in 2022.

(Radware)

Global DoS attacks have increased by 150% in 2022 compared to 2021. It has risen even higher in the US, reporting a growth of 212% from the same period.

Digitalization is, again, the main driver behind the rise of this type of cyberattack. It has opened new vulnerabilities and exposed services by increasing work-from-home remote access during COVID-19.

24. Structured Query Language (SQL) injection accounts for 42% of attacks on all publicly accessible systems.

(SecurityEscape)

SQL injection is an attack that uses malicious SQL code to gain access to a backend database. Most publicly accessible systems need a backend database to work correctly. While 42% of all attacks on a publicly accessible system are SQL injections.

25. Cryptojacking incidents increased by 30% in the first half of 2022.

(Marketsplash)

The number of cryptojacking incidents has increased by 30% or 66.7 million incidents in 2022. The most affected sectors in the first half were healthcare, education, and government, which also saw a decline in cryptojacking attacks.

26. Shields Health Care Group suffered the most significant data breach in April 2023, with 2.3 million personal records leaked.

(ITgovernance)

Cybercriminals stole 2.3 million personal records from Shields Health Care Group in April 2023. The hackers gained access by exploiting a weakness in the network by using an employee account to gain access via a phishing attack.

The main targets of the hackers are the medical records and personal information stored in the database, which fetch high prices on the dark web.

Global Cybercrime Statistics

Cybercrime's global cost is projected to rise by 15% annually. This increase leads to more businesses opting for secure measures to guard their systems. 

Despite efforts, such as better systems and OS, the Global Cybersecurity Outlook reveals bleak projections. 86% of businesses and 93% of cyber security leaders anticipate a catastrophic cyber event within the next two years.

Listed next are some of the statistics on cybercrime globally. 

27. Cybersecurity expenditures will reach over $71.5 billion in 2022.

(Statista)

Global expenditure for cybersecurity has been increasing from $40.8 billion to a record high of $71.5 billion in 2022. The rise in expenditures is necessary to protect critical data and keep up with the sophistication of cyberattacks.

28. Cybercriminals send 3.4 billion malicious emails every day.

(ITgovernance)

Phishing is the most common cybercrime, with an estimated 3.4 billion daily malicious emails. In 2022, Verizon found that 36% of data breaches involved phishing.

In phishing, hackers often send compelling emails asking for credit card information, prompting the victim to give details to avoid card deactivation.

29. Cryptojacking reached 139.3 million attacks in 2022.

(Sonicwall)

Cryptojacking attempts in 2022 increased by 43% year after year. This spike has pushed attack volume past the 100 million mark for the first time, setting a record of 139.3 million by the end of 2022. 

The attacks are attributed to the rise in cryptocurrency market value. The more crypto they can mine, the more profit they have.

30. China is a hub for BotNet, with 590,000 bots.

(Spamhaus)

BotNet, or Robot Network, is a network of computers infected by bot malware and controlled by a hacker. Hackers use BotNet to launch a DDoS attack.

As of August 2023, the top 3 countries with several BotNets are:

1. China - 926760
2. India - 523104
3. US - 368544

Conclusion

The importance of understanding cybercrime can't be understated. According to IBM, 95% of cyber breaches are caused by human error. Changing to a more complex password can help you avoid becoming a victim. 

The more the methods of cybercrime are understood, the more defensive and preventive measures can be taken. Mitigating the risk of a cyberattack starts with every internet user and spreading awareness about these statistics is everyone's responsibility.